dependabot-python 0.123.0 → 0.124.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f4eda7735caaf109c9e313b3a723c78a18108cdc7dc0ae7879aa30b03b02be86
-  data.tar.gz: 3c46d9a9a21a9ff4adba75d0c1b0e76241308163c437d585637f75ee5eb0f663
+  metadata.gz: fd0b26270ae9155bc234f1f47e4bc25f65e6213f59ce60cc2df85dcfad280461
+  data.tar.gz: bd91d524f0309a30c22aaa862fcb257297138560e51f7513d3e25fd4b1f4c033
 SHA512:
-  metadata.gz: 4c21d40844e6ed5f00e27fd86995b7a2f51d6a77deca175ead70b4e51c8a448f650af66c36a84673bcb57715c05a68af4c411cc1dd5bc2c77d8d0c7ab31b224f
-  data.tar.gz: 2fd05f3ac44e3e1e0449fcc06bf0ab3699cc44f37ea6acaffc3fca20e87c528d8b63966b6b707c664775a59157057968cc281a33f9943853da0f4a30da8c43c9
+  metadata.gz: 638cb0adabdc90771b696696f70a4785251417e9e8b03da9e4202d6e296c6293f51350db0a746a1c5f926db236bc383490bc065d93a7091c9b7c6be5e503f174
+  data.tar.gz: c5daa4592b35b3132d6aa260863ede55baef81679bbe77a0ee800fb853f7df5c8bb176acb0cf4e02279d8ff287dfd79fa960f69717ac8751b792db7739069a1e

data/helpers/build

@@ -17,4 +17,4 @@ cp -r \
 
 cd "$install_dir"
 PYENV_VERSION=2.7.18 pyenv exec pip install -r "requirements.txt"
-PYENV_VERSION=3.8.6  pyenv exec pip install -r "requirements.txt"
+PYENV_VERSION=3.9.0  pyenv exec pip install -r "requirements.txt"

data/helpers/requirements.txt

@@ -3,7 +3,7 @@ pip-tools==5.3.1
 hashin==0.15.0
 pipenv==2018.11.26
 pipfile==0.0.2
-poetry==1.1.2
+poetry==1.1.4
 
 # Some dependencies will only install if Cython is present
 Cython==0.29.21

data/lib/dependabot/python/python_versions.rb

@@ -4,12 +4,13 @@ module Dependabot
   module Python
     module PythonVersions
       PRE_INSTALLED_PYTHON_VERSIONS = %w(
-        3.8.6 2.7.18
+        3.9.0 2.7.18
       ).freeze
 
       # Due to an OpenSSL issue we can only install the following versions in
       # the Dependabot container.
       SUPPORTED_VERSIONS = %w(
+        3.9.0
         3.8.6 3.8.5 3.8.4 3.8.3 3.8.2 3.8.1 3.8.0
         3.7.9 3.7.8 3.7.7 3.7.6 3.7.5 3.7.4 3.7.3 3.7.2 3.7.1 3.7.0
         3.6.9 3.6.8 3.6.7 3.6.6 3.6.5 3.6.4 3.6.3 3.6.2 3.6.1 3.6.0

data/lib/dependabot/python/update_checker.rb

@@ -74,6 +74,10 @@ module Dependabot
           end
       end
 
+      def lowest_security_fix_version
+        latest_version_finder.lowest_security_fix_version
+      end
+
       def lowest_resolvable_security_fix_version
         raise "Dependency not vulnerable!" unless vulnerable?
 
@@ -119,7 +123,7 @@ module Dependabot
       end
 
       def fetch_lowest_resolvable_security_fix_version
-        fix_version = latest_version_finder.lowest_security_fix_version
+        fix_version = lowest_security_fix_version
         return latest_resolvable_version if fix_version.nil?
 
         if resolver_type == :requirements

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-python
 version: !ruby/object:Gem::Version
-  version: 0.123.0
+  version: 0.124.3
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-10-13 00:00:00.000000000 Z
+date: 2020-10-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.123.0
+        version: 0.124.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.123.0
+        version: 0.124.3
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement